Automated Rebooting of Auerswald Communication System

The wired telephones in my house are connected to a telephone-system from Auerswald. This PBX handles VoIP and ISDN. My children make fun of me that I still use landlines, they just use cell phones.

Unfortunately since a couple of months the system no longer is fully reliable and needs constant reboots, for unknown reasons. I deleted the entire call history, in the hope that this reduced storage would alleviate the problem, but this did not help. So I had to automate the reboots. The script below mimics the login-screen and the reboot-screen, as shown below. To figure out the details of the login screen I used the network analyzer of Firefox to see which URL and which commands are sent to the web-server.

Script is:

# Login
curl -s -o AW_Login.html -d LOGIN_NOW=true -d jssupport=true -d timeout=200 -d LOGIN_NAME=admin -d LOGIN_PASS=SecretPasswd -d Anmelden=Anmelden -c AW_cookieJar http://tk/login

sleep 2

# Ask for reboot
curl -s -o AW_Reboot.html -b AW_cookieJar -d reboottimevalue=0 -d rebootpbx=Neustart 'http://tk/updownload?timereboot_PBX=1&reboottime=0'

The telephone-system has DNS name tk. This name is arbitrary.

This script is then run via cron.

Final remark: Unfortunately, even after daily rebooting, the telephone system still is misbehaving on a random basis.

Hosting Static Content with netlify.app

Many people associate netlify.com with its integration to GitHub, GitLab or Bitbucket. But you can just deploy your local files to Netlify as well.

Install netlify command via npm install netlify. cd to the directory where you locate your static content. Login to Netlify site via

netlify login

This will either directly open a browser, where you confirm the login, or enter your credentials. If the browser is not opened, then enter the URL given on console. Once you are logged in and have configured your domain name in the Netlify administration menu, you can deploy. For this run below command

netlify deploy --prod -d .

Netlify has the notion of two environments: preview and production. You can skip the preview environment and deploy directly to production.

The netlify command offers the following options.

$ netlify -h
Netlify command line tool

VERSION
  netlify-cli/2.48.0 linux-x64 node-v13.13.0

USAGE
  $ netlify [COMMAND]

COMMANDS
  addons     (Beta) Manage Netlify Add-ons
  api        Run any Netlify API method
  build      (Beta) Build on your local machine
  deploy     Create a new deploy from the contents of a folder
  dev        Local dev server
  functions  Manage netlify functions
  help       display help for netlify
  init       Configure continuous deployment for a new or existing site
  link       Link a local repo or project folder to an existing site on Netlify
  login      Login to your Netlify account
  open       Open settings for the site linked to the current folder
  plugins    list installed plugins
  sites      Handle various site operations
  status     Print status information
  switch     Switch your active Netlify account
  unlink     Unlink a local folder from a Netlify site
  watch      Watch for site deploy to finish

The netlify script stores your credentials in $HOME/.netlify/config.json.

Hosting Static Content with now.sh

now.sh, previously known under zeit.co, which has now rebranded as vercel.com, allows to host static content. There is no PHP, MySQL/MariaDB, Perl, CGI, etc. While surge.sh is super simple to use, in contrast now.sh uses the notion of ‘environment’, which can be either development, preview, or production.

First install via npm install now, then cd to the directory where you have stored your static content. Then, depending on your environment, deployment is as follows:

  1. Development: now dev, no “real” deployment, but rather web-server is started at localhost:3000. Stop with Ctrl-C.
  2. Preview: now or now deploy
  3. Production: now deploy --prod

It is not required to step through all the environments in any order. So you can just always deploy to production. Regardless of the environment, now.sh always creates some additional HTML web area with a generated name. This name might look like now-ll1keyjfk.now.sh.

The now command has the following options:

$ now -h                                                                                                           
> UPDATE AVAILABLE Run `npm i now@latest` to install Now CLI 18.0.0                                                                                
> Changelog: https://github.com/zeit/now/releases/tag/now@18.0.0                                                                                   
                                                                                                                                                   
  đťš« now [options] <command | path>                                                                                                                 
                                                                                                                                                   
  Commands:                                                                                                                                        
                                                                                                                                                   
    Basic                                                                                                                                          
                                                                                                                                                   
      deploy               [path]      Performs a deployment (default)                                                                             
      dev                              Start a local development server                                                                            
      init                 [example]   Initialize an example project                                                                               
      ls | list            [app]       Lists deployments                                                                                           
      inspect              [id]        Displays information related to a deployment                                                                
      login                [email]     Logs into your account or creates a new one                                                                 
      logout                           Logs out of your account                                                                                    
      switch               [scope]     Switches between teams and your personal account                                                            
      help                 [cmd]       Displays complete help for [cmd]                                                                            
                                                                                                                                                   
    Advanced                                                                                                                                       
                                                                                                                                                   
      rm | remove          [id]        Removes a deployment                                                                                        
      domains              [name]      Manages your domain names                                                                                   
      dns                  [name]      Manages your DNS records                                                                                    
      certs                [cmd]       Manages your SSL certificates                                                                               
      secrets              [name]      Manages your secret environment variables                                                                   
      logs                 [url]       Displays the logs for a deployment                                                                          
      teams                            Manages your teams                                                                                          
      whoami                           Shows the username of the currently logged in user                                                          
                                                                                                                                                   
  Options:

    -h, --help                     Output usage information
    -v, --version                  Output the version number
    -V, --platform-version         Set the platform version to deploy to
    -n, --name                     Set the project name of the deployment 
    -A FILE, --local-config=FILE   Path to the local `now.json` file
    -Q DIR, --global-config=DIR    Path to the global `.now` directory
    -d, --debug                    Debug mode [off]
    -f, --force                    Force a new deployment even if nothing has changed
    -t TOKEN, --token=TOKEN        Login token
    -p, --public                   Deployment is public (`/_src` is exposed)
    -e, --env                      Include an env var during run time (e.g.: `-e KEY=value`). Can appear many times.
    -b, --build-env                Similar to `--env` but for build time only.
    -m, --meta                     Add metadata for the deployment (e.g.: `-m KEY=value`). Can appear many times.
    -C, --no-clipboard             Do not attempt to copy URL to clipboard
    -S, --scope                    Set a custom scope
    --regions                      Set default regions to enable the deployment on
    --prod                         Create a production deployment

  > NOTE: To view the usage information for Now 1.0, run `now help deploy-v1`

  Examples:

  – Deploy the current directory

    $ now

  – Deploy a custom path

    $ now /usr/src/project

  – Deploy with environment variables

    $ now -e NODE_ENV=production -e SECRET=@mysql-secret

  – Show the usage information for the sub command `list`

    $ now help list

now.sh stores your credentials in $HOME/.local/share/now/auth.json.

Hosting Static Content with surge.sh

When you want totally hassle free hosting of static HTML then surge.sh is very attractive. It is easy to set-up and free of charge for most private users. It offers https out of the box from sectigo.com. It does not offer PHP, MySQL/MariaDB, CGI, Perl, etc. Just static HTML with CSS, JavaScript, images, etc. Your static content will be hosted on Your_Domain.surge.sh.

Steps to follow:

  1. Install surge: npm install surge
  2. cd to your directory with static content: Type surge

It cannot be easier. If you do not want to enter the domain name over and over again, you can store this chosen domain name in file CNAME and you won’t be asked the next time:

echo Your_Domain > CNAME

The surge command offers the following options.

$ surge --help

  surge – single command web publishing. (v0.21.3)

  Usage:
    surge <project> <domain>

  Options:
    -a, --add           adds user to list of collaborators (email address)
    -r, --remove        removes user from list of collaborators (email address)
    -V, --version       show the version number
    -h, --help          show this help message

  Additional commands:
    surge whoami        show who you are logged in as
    surge logout        expire local token
    surge login         only performs authentication step
    surge list          list all domains you have access to
    surge teardown      tear down a published project
    surge plan          set account plan

  Guides:
    Getting started     surge.sh/help/getting-started-with-surge
    Custom domains      surge.sh/help/adding-a-custom-domain
    Additional help     surge.sh/help

  When in doubt, run surge from within your project directory.

Your e-mail and encrypted password are stored in $HOME/.netrc.

youtube-dl HTTP 403 error

youtube-dl is a set of Python scripts for downloading videos from YouTube, Twitter, Vimeo, and many other sites, see for example the list of supported sites. This is a handy tool if you want to watch videos or listen to music on your smartphone: Download them with youtube-dl and store them on your smartphone. Also see Youtube video to mp3.

I had some issues downloading a YouTube video using youtube-dl.

$ youtube-dl https://youtu.be/26QTzeOV8Gs 
[ youtube ]  26QTzeOV8Gs: Downloading webpage
ERROR: unable to download video data: HTTP Error 403: Forbidden

The following command did the trick:

$ youtube-dl --rm-cache-dir
Removing cache dir /home/klm/.cache/youtube-dl ...

Surfing the internet with 1 GBit/s

Adding 30 Cents to my monthly bills bought me Gigabit internet access. I now pay 39.99 EUR per month. Previously I had 100 MBit/s. From user’s experience I do not feel any significant difference. Of course, for all my mobile devices, like smartphones, laptop, there is and will be no difference as Wi-Fi does not really offer high transmission rates, unless you are very close to the emitting antennas.

Speed measured by speedtest.unitymedia.de.

Continue reading

Aggressive Vodafone Router

Vodafone router does not allow to turn off firewall permanently. It will insist on switching it on after 24 hours.

Version of this router in question:

Firmware version:          01.02.037.03.12.EURO.SIP
Productname:               Vodafone Docsis 3.1

This “Made in China” router using Linux 3.12.59 from 2010, is teaching the “expert user”. You have to get “expert user” if you want to switch off firewall. As of the time of writing, stable Linux kernel version is 5.5.6, longterm 5.4.22, earliest is 3.16.82. It is also using old versions of openssl and iptables.

Apparently the creators of this router never thought of any user employing Linux and iptables, or something similar.

Luckily, the router allows to forward a range of ports, thereby effectively bypassing the firewall.

See Home Router Security Report 2020 for an assessment of home-routers.

Updating IP Address in Dynu

Dynu is a free dynamic DNS service. As described in Microsoft Brought Down No-IP.org I have to cope with big business just pushing their own interest and not caring on small business or private customers.

I tried to update IP address for Dynu using ddclient using package ddclient. This failed. The version 2 of Dynu’s API allows to do that with curl/wget.

Steps to set it up:

  1. Go to API Credentials to get your “API-key”
  2. Go to API and authorize using your “API-key”
  3. Run first “GET /dns” to gather your so called “id”. Alternatively, run the below curl command

The curl command to get your “id” is as follows:

curl -X GET "https://api.dynu.com/v2/dns" -H  "accept: application/json" -H  "API-Key: yyyyyyyyyy"

Output is like this:

{"statusCode":200,"domains":[{"id":12345678,"name":"eklausmeier.mywire.org","unicodeName":"eklausmeier.mywire.org","token":"aaaaaaaaa","state":"Complete","location":"office","group":"office","ipv4Address":"109.90.226.205","ipv6Address":null,"ttl":90,"ipv4":true,"ipv6":false,"ipv4WildcardAlias":false,"ipv6WildcardAlias":false,"createdOn":"2019-05-25T08:37:16","updatedOn":"2019-06-29T12:33:04.707"}]}%

Once you know your “API-key” and “id” you can set-up a simple script to run periodically. I use a Perl script which first fetches my current internet address, $remoteIP, and then updates Dynu.

open(F,"curl -sX POST \"https://api.dynu.com/v2/dns/XXXXXXXX\" "
        . "-H \"accept: application/json\" "
        . "-H \"API-Key: yyyyyyyyyyyyyyyyyyyyyyyy\" "
        . "-H \"Content-Type: application/json\" "
        . "-d \"{\\\"name\\\":\\\"eklausmeier.mywire.org\\\","
                . "\\\"group\\\":\\\"office\\\","
                . "\\\"ipv4Address\\\":\\\"${remoteIP}\\\","
                . "\\\"ttl\\\":90,\\\"ipv4\\\":true}\" |")
        || die("Cannot curl to dynu.com");
while (<F>) {
        print;
}
close(F) || die("Cannot close dynu.com");

If all goes well then output is:

{"statusCode":200}

Google Chrome in Android Cannot Clear Cookies

Google Chrome on Android version 74.0.3729 can no longer clear history, cookies, local data, etc. See screenshot below.

Even when this process is running completely uninterrupted, nothing happens. I.e., changing display sleep time to 30 minutes, Google Chrome will not finish.

Problem solution: Shut down phone. Power up again, and try again to delete cookies. This time it worked. Seems that some Android Chrome internal locking and contention blocked deletion.

Showing History of Visits in Mozilla Firefox

If one needs to know when some website has been visited in Mozilla Firefox then go to the default directory and open the places.sqlite file:

cd ~/.mozilla/firefox/<xyz>.default/
sqlite3 places.sqlite

Issue below SQL command

select visit_date,
       datetime(visit_date/1000000, 'unixepoch','localtime') as S
from moz_historyvisits
where place_id in
       (select id from moz_places where url like 'https://www.google.come%')
and S like '2019-01-2%'
order by S;

References:

  1. How do I decode the Last_Date_ Visited field in the places.sqlite db?
  2. SQLite: Date And Time Functions
  3. Entity relationship diagram of tables: The Places database

ER diagram looks like this:
ER diagram

Added 30-Jun-2019: Interesting comment from Ronald Scheckelhoff from 19-May-2019 on caching DNS entries of previously visited URLs.

… could use this database to collect an overall sample of my web surfing habits, and then plug that data into something like the Unbound DNS resolver to do my own DNS lookups for the places I usually visit. I was doing that with Squid, but it has some limitations for my situation. Maybe this is better (plus, I don’t have to use Squid).

Web Interface to Oracle Database

I had to provide access to an Oracle database but the standard port at 1521 was hindered by company firewall and company proxy rules.

In previous times there was iSQL*Plus, but this product no longer seems to be available. I found Adminer as an alternative. It is written by Jakub Vrána. It is very easy to install: it is just one single PHP file consisting of less than 2000 lines. Originally made for MySQL/MariaDB, but it works for Oracle quite well. It provides access to tables and views, although it has problems editing PL/SQL procedures and triggers. It is termed as beta software for Oracle. Nevertheless, I found it to be very useful for Oracle.

To use one must add one file etc/php/conf.d/oci8.ini

extension=oci8.so

Make sure OCI8 is available for PHP, therefore install AUR package php-oci8. When you run php -i (equivalent to calling phpinfo()) you’ll see:

Additional .ini files parsed => /etc/php/conf.d/oci8.ini

oci8

OCI8 Support => enabled
OCI8 DTrace Support => disabled
OCI8 Version => 2.1.8
Revision => $Id: 8a26cf66ca0f9556b6376408c8f71ead69bdbcbf $
Oracle Run-time Client Library Version => 12.2.0.1.0
Oracle Compile-time Instant Client Version => 12.2

Directive => Local Value => Master Value
oci8.connection_class => no value => no value
oci8.default_prefetch => 100 => 100
oci8.events => Off => Off
oci8.max_persistent => -1 => -1
oci8.old_oci_close_semantics => Off => Off
oci8.persistent_timeout => -1 => -1
oci8.ping_interval => 60 => 60
oci8.privileged_connect => Off => Off
oci8.statement_cache_size => 20 => 20

For this you need to install Oracle instant client. In ArchLinux AUR these are the packages oracle-instantclient-basic and oracle-instantclient-sdk. The first package installs

/usr/lib/libclntsh.so

If you encounter “URI too long” error messages, then downgrade to version 4.6.3, see Adminer releases. Latest version 4.7.0 still seems to be unstable, while 4.6.3 is fine.

Set-Up “Let’s Encrypt” for Hiawatha Web-Server

Google announced that starting with Chrome version 68 they will gradually mark HTTP-connections as “not secure”. “Let’s Encrypt” is a free service for web-masters to obtain certificates in an easy manner. Work on “Let’s Encrypt” started in 2014.

Setting up “Let’s Encrypt” with Hiawatha web-server is quite easy, although there are some pitfalls. I used the ArchLinux package for Hiawatha. There is also a ArchWiki page for Hiawatha.

Another detailed description is: Let’s Encrypt with Hiawatha by Chris Wadge.

1. Unpacking and production-server setting. After installing the ArchLinux package I unpacked the file /usr/share/hiawatha/letsencrypt.tar.gz. You have to edit letsencrypt.conf at three places:

ACCOUNT_EMAIL_ADDRESS = your@mail.address
HIAWATHA_CERT_DIR = {HIAWATHA_CONFIG_DIR}/tls
LE_CA_HOSTNAME = acme-v01.api.letsencrypt.org           # Production

I struggled with the last variable LE_CA_HOSTNAME. This has to be the productive “Let’s Encrypt” server. Although you might register with the testing-server, you apparently cannot do anything else with the testing-server. So delete the testing-server. The rest of the configuration file is obvious to change.

2. Configuration file. Now check your hiawatha.conf file:

Binding {
        Port = 443
        #TLScertFile = tls/hiawatha.pem
        TLScertFile = /etc/hiawatha/tls/www.eklausmeier.tk.pem
        Interface = 0.0.0.0
        MaxRequestSize = 2048
        TimeForRequest = 30
}
...
VirtualHost {
        Hostname = www.eklausmeier.tk, eklausmeier.tk, 192.168.178.24, klm.no-ip.org, klm.ddns.net, edh.no-ip.org, edh.ddns.net, klmport.no-ip.org, borussia
        ...
}

Continue reading